App.No. : 10/010,282 
Filed : December 5, 2001 

AMENDMENTS TO THE CLAIMS 
Please amend Claims 1, 7, 9, 10, 15, 17, 25, 29, 30, 32, 33, 34, 35, 38, 40, and 41 as follows: 

1. (Currently Amended) A system for controlling user access to cat e gori e s of 
Internet sites between an area network and an Internet, comprising: 

a categorized database of Internet sites; 

a first module configured to associate refer e nc e the cat e goriz e d databas e and 
d e t e rmin e athe category of Int e rn e t sit e that is with an Internet site b eing requested by a 
user; 

a second module configured to determine a data transfer rate between the area 
network and the Internet; 

a categorized database of threshold values; and 

a third module configured to compare the data transfer rate to the categorized 
database of threshold values and, responsive to the comparison, to block b locking the 
user's further access to the site. 

2. (Original) The system of Claim 1, wherein the categorized database of threshold 
values includes an array of categories of Internet sites, each category including an associated 
threshold value. 

3. (Original) The system of Claim 2, wherein the array of categories of Internet sites 
includes threshold values associated with work hours and off work hours. 

4. (Original) The system of Claim 2, wherein the array of categories of Internet sites 
includes threshold values associated with the classification of the user. 

5. (Original) The system of Claim 2, wherein the array of categories of Internet sites 
includes threshold values associated with the identification of the user. 

6. (Original) The system of Claim 1, wherein the data transfer rate is indicative of a 
total data transfer rate between the area network and the Internet. 

7. (Currently Amended) The system of Claim 1, wherein the data transfer rate is 
indicative of a&e portion of a total data transfer rate between the area network and the Internet 
that is being used by the category associated with the e f Internet site requested by the user. 

8. (Original) The system of Claim 1 further comprising a fourth module configured 
to determine whether the user has spent a preset amount of time on the Internet site within the ' 
category and, responsive to the determination, allowing the user's further access to the site. 
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9. (Currently Amended) The system of Claim 1 further comprising a fourth module 
configured to determine whether the user requests a postponed access to the Internet site within 
the category, and responsive to the determination, to store stermg pages from the requested the 
Internet site to a storage. 

10. (Currently Amended) The system of Claim 1 further comprising a fourth module 
configured to determine whether the user has accessed the Internet site within the category a 
predetermined number of times and, responsive to the determination, to block b locking the user's 
further access to the Internet site. 

11. (Original) The system of Claim 1 further comprising a fourth module configured 
to determine whether the user has accessed the Internet site within the category and thereafter 
notifying the user that any Internet access will be stored to a log file. 

12. (Original) The system of Claim 1, wherein the area network is a local area 
network. 

13. (Original) The system of Claim 1, wherein the area network is a wide area 
network. 

14. (Original) The system of Claim 13, wherein the wide area network includes a 
plurality of local area networks. 

15. (Currently Amended) A method offer controlling user access to categories of 
internet sites between an area network and an Internet, the method comprising: 

referencing a categorized database of Internet sites; 

associating d e t e rmining ajhe category with an ef Internet site that is b e ing 

requested by a user; 

determining a data transfer rate between the area network and the Internet; and 
comparing the data transfer rate to a categorized database of threshold values, and 

responsive to the comparison, blocking access to the site. 

16. (Original) The method of Claim 15 further comprising determining whether the 
user has spent a preset amount of time on the Internet site within the category and, responsive to 
the determination, blocking the user's further access to the site. 

17. (Currently Amended) The method of Claim 15 further comprising determining 
whether the user requests a postponed access to the Internet site within the category, and 
responsive to the determination, storing pages from the requested the Internet site to a storage. 
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18. (Original) The method of Claim 15 further comprising determining whether the 
user has accessed the Internet site within the category a predetermined number of times and, 
responsive to the determination, blocking the user's further access to the site. 

19. (Original) The method of Claim 15 further comprising determining whether the 
user has accessed the Internet site within the category and thereafter notifying the user that any 
Internet access will be stored to a log file. 

20. (Original) The method of Claim 15, wherein the categorized database of threshold 
values includes an array of categories of Internet sites, each category including an associated 
threshold value. 

21. (Original) The method of Claim 20, wherein the array of categories of Internet 
sites includes threshold values associated with work hours and off work hours. 

22. (Original) The method of Claim 20, wherein the array of categories of Internet 
sites includes threshold values associated with the classification of the user. 

23. (Original) The method of Claim 20, wherein the array of categories of Internet 
sites includes threshold values associated with the identification of the user. 

24. (Original) The method of Claim 1 5, wherein the data transfer rate is indicative of a 
total data transfer rate between the area network and the Internet. 

25. (Currently Amended) The method of Claim 15, wherein the data transfer rate is 
indicative of athe portion of a total data transfer rate between the area network and the Internet 
that is being used by the category associated with the e f Internet site requested by the user. 

26. (Original) The method of Claim 15, wherein the area network is a local area 
network. 

27. (Original) The method of Claim 15, wherein the area network is a wide area 
network. 

28. (Original) The method of Claim 27, wherein the wide area network includes a 
plurality of local area networks. 

29. (Currently Amended) A An system for controlling user access to categories of 
internet sites between an area network and an Internet, the system comprising: 

means for referencing a categorized database of Internet sites; 
means for associating determining ajhe category ef with an Internet site that is 
b e ing requested by a user; 
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means for determining a data transfer rate between the area network and the 
Internet; and 

means for comparing the data transfer rate to a categorized database of threshold 
values, and responsive to the comparison, blocking access to the site. 

30. (Currently Amended) A method fef ofcontrolling user access to categori e s of 
internet sites between an area network and an Internet, the method comprising: 

receiving a request for an Internet site at a categorized site management module; 
referencing a categorized database of Internet sites; 

determining tfthe responsiv e n e ss of the categorized cat e gorization database of 
Internet sites is responsive ; 

referencing a user permissions module to determine whether the user is restricted 
from accessing particular categories of sites; and 

if the categorized cat e gorization database of Internet sites is not responsive, 
gradually degrading a level of service of the categorized site management module. 

31. (Original) The method of Claim 30, wherein degrading the level of service 
comprises: 

determining a data transfer rate between the area network and the Internet; 
selecting a default value from a categorized database of threshold values; and 
comparing the data transfer rate to the default value, and responsive to the 
comparison, blocking access to the site. 

32. (Currently Amended) The method of Claim 30, wherein degrading the level of 
service includes limiting the application of the categorized cat e gorization site management 
module to the request for the an-Internet site. 

33. (Currently Amended) The method of Claim 32, wherein limiting the application 
of the categorized cat e gorization site management module includes applying a default global 
policy tojer the request for the an Internet site. 

34. (Currently Amended) The method of Claim 32, wherein limiting the application 
of the categorized categorization site management module includes allowing a specific category 
of Internet sites. 

35. (Currently Amended) A system for controlling user access to Internet sites 
between an area network and an Internet, comprising: 
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a first module configured to determine a data transfer rate between a user and the 
Internet; 

a database of quota values including a limit associated with the user; and 

a second module configured to compare the data transfer rate to the limit 

associated with the user and, responsive to the comparison, to block b locking the user's 

further access to the site. 

36. (Original) The system of Claim 35, wherein the data transfer rate is a measure of 
bytes transferred per time period. 

37. (Original) The system of Claim 35, wherein the data transfer rate is a measure of 
number of hits per time period. 

38. (Currently Amended) A system for controlling software application data traffic 
between an area network and an Internet, comprising: 

a database of software applications; 

a first module configured to associate r eferenc e the databas e of software 
application s and d e t e rmin e a_the software application data traffic type that is with a 
software application b eing requested by a user; 

* a second module configured to determine a data transfer rate between the area 
network and the Internet; 

a software database of threshold values; and 

a third module configured to compare the data transfer rate to the software 
database of threshold values and, responsive to the comparison, to block b locking the 
user's further requests for the software application data traffic type. 

39. (Original) The system of Claim 38, wherein the software database of threshold 
values includes an array of software application data traffic types, each type including an 
associated threshold value. 

40. (Currently Amended) The system of Claim 39 further comprising a fourth 
module configured to determine whether the user has received a pre-selected number of 
resources associated with the software application data traffic type and, responsive to the 
determination, to allow allowing the user's further access to resources associated with the 
software application data traffic type. 
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41. (Currently Amended) A method of for controlling user access to a resource or 
service softwar e application data traffic between an area network and an Internet, the method 
comprising: 

requesting a resource or service from an Internet; 
referencing a database of software applications; 

determining a software data traffic type that is associated with data packets 

captured from the area network; 

determining a data transfer rate between the area network and the Internet; and 
comparing the data transfer rate to a software database of threshold values, and 

responsive to the comparison, blocking access to the resource or service. 

42. (Original) The method of Claim 41, wherein the software database of threshold 
values includes an array of software application data traffic types, each type including an 
associated threshold values. 

43. (Original) The method of Claim 42 further comprising determining whether the 
user has received a pre-selected number of resources associated with the software application 
data traffic type and, responsive to the determination, blocking access to the resource or service. 



